Splunk® Supported Add-ons

Splunk Add-on for Symantec Endpoint Protection

Acrobat logo Download manual as PDF


Acrobat logo Download topic as PDF

Hardware and software requirements for the Splunk Add-on for Symantec Endpoint Protection

To install and configure the Splunk Add-on for Symantec Endpoint, you must be member of the admin or sc_admin role.

Symantec Endpoint Protection Manager setup requirements

In order to configure your Symantec Endpoint Protection Manager to export log data to a file, you need administrative access to the manager console.

You must install the Splunk Add-on for Symantec Endpoint Protection on a forwarder or single-instance Splunk Enterprise that is installed directly on the server running Symantec Endpoint Protection Manager in order to monitor dump files.

Splunk platform requirements

Because this add-on runs on the Splunk platform, all of the system requirements apply for the Splunk software that you use to run this add-on.

  • For Splunk Enterprise system requirements, see System Requirements in the Splunk Enterprise Installation Manual.
  • If you are managing on-premises forwarders to get data into Splunk Cloud, see System Requirements in the Splunk Enterprise Installation Manual, which includes information about forwarders.
Last modified on 12 October, 2021
PREVIOUS
About the Splunk Add-on for Symantec Endpoint Protection
  NEXT
Installation and configuration overview for the Splunk Add-on for Symantec Endpoint Protection

This documentation applies to the following versions of Splunk® Supported Add-ons: released


Was this documentation topic helpful?


You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters